Conventional computerized devices, such as personal computers, laptop computers, and data communications devices (e.g., routers, switches, gateways and the like) exchange data over networks using a variety of communications mechanisms. In an attempt to prevent malicious attacks to such computer systems, it is often necessary to have anti-virus or other hostile program detection, elimination and/or prevention applications in operation on such computers to remove or quarantine malicious programs. Generally, such malicious programs can includes viruses, worms, Trojan horse programs, spyware, spamware and other unwanted programs that, if executed on a computer, can compromise the integrity or use of the computer system in many ways. Conventional detection and protection programs such as anti-virus software operate to identify and remove or disinfect the malicious code from an infected computer and make attempts to avoid infection all together.
As an example, conventional anti-virus software operates to scan files on a computer to detect and eliminate viruses or other malicious code. The anti-virus software examines files to look for known viruses by referencing a virus dictionary (i.e., a compiled list of known virus signatures). The anti-virus software can also identify suspicious behavior from a file such as suspicious program behavior that potentially might indicate a file associated with the program is infected with a virus. Anti-virus software can be scheduled to run on-demand during the booting-up process of the computer, during the launching of applications (such as during startup of an email utility, work processor, or other program), or can even be scheduled to run at a specific time (i.e., every Tuesday and Thursday at 3 pm). Typically, a file cannot be in use (e.g., open) during the scanning of that file by anti-virus software.